SQL Injections

Hitman · 25-11-2007, 03:56 PM

I can't edit but I have a question.

Would I be best to use this if I didn't want html, sql injections, javascript etc? I'll be making BBcode for html, so no redirects etc...

PHP Code:


<?
function clean($str)
{
$cl = strip_tags(addslashes(stripslashes(htmlspecialchars($str))));
return $cl;
?>

Beau · 26-11-2007, 05:29 AM

Don't bother with addslashes, stripslashes will work by itself fine. But apart from that, looks good.

Mentor · 26-11-2007, 03:32 PM

A relvent comic:

MrCraig · 26-11-2007, 04:04 PM

ROFL. @ above.

Hitman · 26-11-2007, 04:10 PM

Originally Posted by 01101101entor

A relvent comic:

Aha, thanks for posting that. +rep

~~zeJosh~~ · 26-11-2007, 04:21 PM

Hahah, very good!

Beau · 27-11-2007, 05:13 AM

I saw this during SOSE in the computer lab. I started laughing, and everyone looked at me weirdly

Thread: SQL Injections

Thread Tools

Posting Permissions